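<?php
// Full open tag: when short_open_tag is disabled, "<?" is not parsed and this
// file's source is sent to the client as plain text.
session_start();
include("../data/connect.php");
include("../data/_uconfig.php");
include("../_class/lang.php");
// The language code becomes part of an include path, so it is reduced to a plain
// identifier first; path separators and dots can then never reach include().
// NOTE(review): $iscon["getlang"] is set by one of the files included above and
// is not visible here -- confirm whether a request can influence it.
include("../_class/lang_".preg_replace('/[^A-Za-z0-9_-]/', '', (string)$iscon["getlang"]).".php");
include("../_class/_func.php");
include("../_class/class.global.php");
include("../_class/class.req.php");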


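	/**
	 * Report whether a post contains an entry from the advert blocklist.
	 *
	 * The text is unslashed, stripped of tags and of CR/LF, then compared with
	 * every non-blank line of ../data/ad.dat.
	 *
	 * Entries are matched as literal, case-sensitive substrings. The earlier
	 * ereg() call compiled each entry as a regular expression, so a "." in a host
	 * name matched any character and an entry such as "a+b" never matched itself.
	 * ereg()/eregi_replace() were also removed in PHP 7.
	 *
	 * @param string $data Post text to screen.
	 * @return true|null true on a blocklist hit; null when the list is missing or
	 *                   unreadable, the cleaned text is empty, or nothing matches.
	 */
	function checkad($data){
		$path="../data/ad.dat";
		if(!file_exists($path)) return;

		$data = strip_tags(stripslashes($data));
		$data = str_replace(array("\r","\n"), "", $data);
		if(!$data) return;

		// file() returns false on a read error; treat that like a missing list.
		$entries = file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
		if($entries === false) return;

		foreach($entries as $entry){
			$entry = trim($entry);
			// A whitespace-only line must not become a match-everything entry.
			if($entry === "") continue;
			if(strpos($data, $entry) !== false) return true;
		}
		return;
	}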



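// Reject a post whose Referer names a different host.
// The Referer's host component is compared as a whole, case-insensitively, with
// this request's Host header. The earlier ereg() test used the Host value as a
// pattern and accepted any Referer that merely contained the host name somewhere
// in its path or query string; ereg() was also removed in PHP 7.
// NOTE(review): a request without a Referer header still passes, so this is not
// CSRF protection on its own; a per-session token verified on POST is the usual
// control.
$ref = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "";

if(isset($_SERVER["HTTP_REFERER"])){
	// parse_url() gives null/false when the Referer has no usable host part.
	$refhost = parse_url($ref, PHP_URL_HOST);
	// Host may carry ":port"; the parsed Referer host never does.
	$selfhost = isset($_SERVER["HTTP_HOST"]) ? preg_replace('/:\d+\z/', '', $_SERVER["HTTP_HOST"]) : "";
	if(!is_string($refhost) || $selfhost === "" || strcasecmp($refhost, $selfhost) !== 0){
		echo "Security!!";
		exit();
	}
}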


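// Request helper: session check, database connection, client address.
$infoboard = new req_infoboard();
$infoboard->checksess();
$infoboard->isconnect();

$iscon["ip"] = $infoboard->isip();

// Timestamp stored with the post, in YmdHis form.
$date = date("YmdHis");

$action = isset($_POST["action"]) ? $_POST["action"] : "";
$cat = isset($_POST["gid"]) ? $_POST["gid"] : "";

// A board id is mandatory.
if(empty($cat)) refback($iscon["lang"][116]);

$active=1;
$activeimg=1;

// NOTE(review): the posting thresholds (_qlevel/_alevel) and the pre-approval
// switches (_checkq/_checka/_checkpic) are read from the submitted form, so
// whoever builds the request chooses them. They belong in server-side
// configuration for board $cat; nothing in this file shows where that lives.
// Until then they are at least forced to integers: a missing field becomes 0,
// and $activeimg, which is later written into the INSERT, can no longer carry
// arbitrary text.
$qlevel    = isset($_POST["_qlevel"])    ? (int)$_POST["_qlevel"]    : 0;
$alevel    = isset($_POST["_alevel"])    ? (int)$_POST["_alevel"]    : 0;
$readlevel = isset($_POST["_readlevel"]) ? (int)$_POST["_readlevel"] : 0;

$checkq   = isset($_POST["_checkq"])   ? (int)$_POST["_checkq"]   : 0;
$checka   = isset($_POST["_checka"])   ? (int)$_POST["_checka"]   : 0;
$checkpic = isset($_POST["_checkpic"]) ? (int)$_POST["_checkpic"] : 0;
// Passed unchanged to the upload helpers; its meaning is not visible here.
$uppic = isset($_POST["_uppic"]) ? $_POST["_uppic"] : 0;

if($checkpic > 0) $activeimg=$checkpic;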

		  // Pick the settings that apply to this action: "boardq" uses the question
		  // pair, every other action the answer pair.
		  // NOTE(review): $qlevel/$alevel/$checkq/$checka are read from the POST body
		  // earlier in this file, so these gates are only as trustworthy as the
		  // submitted form.
		  if($action == "boardq"){
				$needlevel = $qlevel;
				$needcheck = $checkq;
		  }else{
				$needlevel = $alevel;
				$needcheck = $checka;
		  }

		  // Neither a user id nor an admin id: refuse when a posting level is required.
		  if(!$iscon["iduser"] && !$iscon["idadmin"] && $needlevel > 0) refback($iscon["lang"][42]);

		  // Non-admin posts are saved with $active = 0 when pre-approval is on.
		  if(!$iscon["idadmin"] && $needcheck > 0) $active=0;


// Work out who is posting. $iscon["user"] is tested before $iscon["admin"];
// when neither is set the poster is a guest (level 0) and must supply a name.
if(!$iscon["user"] && !$iscon["admin"]){
	$userid=0;
	$level=0;
	// NOTE(review): the guest name is only addslashes()'d before storage; whatever
	// renders _name must HTML-escape it.
	$name=$_POST["name"];
	if(empty($name)) refback($iscon["lang"][94]);
}elseif($iscon["user"]){
	$name=$iscon["user"];
	$userid=$iscon["iduser"];
	$level=1;
}else{
	$name=$iscon["admin"];
	$userid=$iscon["idadmin"];
	$level=2;
	// Admin posts bypass the approval switches set earlier.
	$activeimg=1;
	$active=1;
}

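// Upload bookkeeping defaults; filled in once a picture has been accepted.
$picformat=1;
$picname="";
$piccover="";

$ext="";

// Default both fields to "" (and ignore non-string values) so the trim() calls
// here and later in the file never see an undefined variable or an array.
$incode  = (isset($_POST["inputcode"])   && is_string($_POST["inputcode"]))   ? $_POST["inputcode"]   : "";
$precode = (isset($_POST["previewcode"]) && is_string($_POST["previewcode"])) ? $_POST["previewcode"] : "";


$code = "";
// Code/embed posting is allowed when this is > 0: the poster's level, unless the
// public_code setting is set, in which case that value is used instead.
$codeinput = $level;
if($iscon["public_code"]) $codeinput = $iscon["public_code"];

if($codeinput > 0){
	if(trim($incode)){
		// NOTE(review): $incode is stored exactly as submitted; nothing visible here
		// filters it, so whatever renders _code must escape it.
		$code = $incode;
	}else{
		if(trim($precode)){
			$precode = $infoboard->removescript1($precode);
			$precode = $infoboard->removescript2($precode);
			// strpos() replaces ereg(), which was removed in PHP 7; it is the same
			// case-sensitive substring test.
			// NOTE(review): "contains the word youtube" is not an origin check. The
			// embed's URL host should be parsed and compared against an allowlist.
			if(strpos($precode, "youtube") !== false) $code = $precode;
		}
	}
}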

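$upformat = isset($_POST["upformat"]) ? $_POST["upformat"] : 0;

// Frame colour. Anything that is not a 3- or 6-digit hex value falls back to the
// default, so the value later written into the INSERT cannot carry quotes.
// Assumes _border is a hex colour (default CCCCCC, "#" stripped) -- TODO confirm
// against the posting form.
$border = "CCCCCC";
if(isset($_POST["border"]) && is_string($_POST["border"])){
	$hex = str_replace("#", "", $_POST["border"]);
	if(preg_match('/^(?:[0-9A-Fa-f]{3}|[0-9A-Fa-f]{6})\z/', $hex)) $border = $hex;
}


// Message body. A missing or non-string field is treated as empty and rejected
// by emptydetail() below.
$detail = (isset($_POST["_detail"]) && is_string($_POST["_detail"])) ? $_POST["_detail"] : "";
$detail = $infoboard->removetag1($detail);
$detail = $infoboard->removetag2($detail);
if(!$infoboard->emptydetail($detail)) refback($iscon["lang"][118]);
$detail = $infoboard->badword($detail);
// Shield "<br />" from strip_tags() by entity-encoding it, then restore it.
// str_ireplace() replaces eregi_replace() (removed in PHP 7) with the same
// case-insensitive literal match.
$detail = str_ireplace("<br />","&lt;br /&gt;",$detail);
// NOTE(review): strip_tags() keeps every attribute on the tags it allows, so <a>
// and <img> reach storage with whatever href/src/on* attributes were submitted
// unless removetag1()/removetag2() strip them -- not visible here; verify, or
// filter attributes before storing.
$detail = strip_tags($detail, '<p><a><img><font><strong><em><u><hr /><ol><li><ul><blockquote><br />');
$detail = str_ireplace("&lt;br /&gt;","<br />",$detail);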

$ad="";

// Blocklisted text in the body: remember the hit and save the post inactive.
if(checkad($detail)){
	$ad=1;
	$active=0;
}

// Emoticon substitution on the unslashed body.
$counticon = $infoboard->isread("../data/icon.dat");
$detail = $infoboard->geticon(stripslashes($detail), $counticon);

// Base name for an uploaded picture.
// NOTE(review): rand(0,999) plus the current second is guessable and can repeat
// for two uploads in the same second; confirm what the _pic column and the
// upload helpers accept before switching to a longer random name.
$temp=rand(0,999).time();

// The upload helper returns the stored file's extension (empty when nothing was
// saved); which helper runs depends on the requested upload format.
switch($upformat){
	case 1:
		$ext=$infoboard->up1($temp, $uppic);
		$picformat=1;
		break;
	case 2:
		$ext=$infoboard->up2($temp, $uppic);
		$picformat=2;
		break;
}


if($ext){
	$piccover=$temp.".".$ext;
	$picname=$temp;
}

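		  // Store the post for the requested action -- "boardq" (new topic, table
		  // _infoboardq), "boarda" (table _infoboarda) or "boardi" (table _infoboardi)
		  // -- then redirect.
		  //
		  // Every request-derived value placed inside a quoted SQL literal now goes
		  // through addslashes(), the escaping this file already applied to
		  // topic/detail/code/name. Previously the board id, page, ids, align, border,
		  // lock, stick and _uppage were concatenated raw.
		  // NOTE(review): addslashes() is not charset-aware. The durable fix is bound
		  // parameters inside tbinsert()/tbupdate(), whose implementation is not visible
		  // here. $cat and $page are also still handed unchanged to tbcount(), unproof(),
		  // savecache() and ridpage(); whether those escape is not visible either.
		  // Request values placed in redirect targets are passed through rawurlencode().
		  $align = isset($_POST["align"]) ? (string)$_POST["align"] : "";
		  $urlcat = rawurlencode((string)$cat);

		  switch($action){
		  case "boardq":
				$topic = (isset($_POST["topic"]) && is_string($_POST["topic"])) ? $_POST["topic"] : "";
				if(strlen($topic) <= 5) refback($iscon["lang"][119]);
				$topic = htmlspecialchars(strip_tags($topic));
				if(!$topic) refback($iscon["lang"][120]);
				// A blocklisted topic line also sends the post to approval.
				if(checkad($topic)){
					$active=0;
					$ad=1;
				}

				// NOTE(review): _stick and _lock are accepted from whoever posts, guests
				// included; nothing visible here limits them to admins. Confirm that is
				// intended.
				if(isset($_POST["_stick"])) $stick=$_POST["_stick"]; else $stick=0;
				if(isset($_POST["_lock"])) $lock=$_POST["_lock"]; else $lock=0;
				$page = $infoboard->tbcount($cat);

				$fieldname="
				_cat,
				_page,
				_topic,
				_detail,
				_code,
				_name,
				_ip,
				_border,
				_align,
				_lock,
				_level,
				_userid,
				_stick,
				_pic,
				_piccover,
				_coverformat,
				_ext,
				_picformat,
				_activeimg,
				_active,
				_time
				";
				$fieldvalue="
				'".addslashes((string)$cat)."',
				'".addslashes((string)$page)."',
				'".addslashes($topic)."',
				'".addslashes($detail)."',
				'".addslashes($code)."',
				'".addslashes($name)."',
				'".addslashes((string)$iscon["ip"])."',
				'".addslashes((string)$border)."',
				'".addslashes($align)."',
				'".addslashes((string)$lock)."',
				'".$level."',
				'".$userid."',
				'".addslashes((string)$stick)."',
				'".addslashes((string)$picname)."',
				'".addslashes((string)$piccover)."',
				'".$picformat."',
				'".addslashes((string)$ext)."',
				'".$picformat."',
				'".addslashes((string)$activeimg)."',
				'".$active."',
				'".$date."'
				";
				if($qid = $infoboard->tbinsert("_infoboardq", $fieldname, $fieldvalue)){
					  if(isset($incode) && trim($incode)) $infoboard->codewrite($qid, 1, $incode);
					  // Members get their post counter and points updated.
					  if($level == 1 && $userid > 0){
						   $infoboard->tbupdate("_user", "_post=_post+1", "_cid", $userid);
						   $infoboard->writepoint($iscon["user"]);
					  }
					  // Picture awaiting approval.
					  if($picname && $activeimg == 2) $infoboard->unproof("improof", $cat, $page, 1, $qid);

					  if($active == 0){
						   $infoboard->unproof("unproof", $cat, $page, 1, $qid);
						   refurl($iscon["lang"][117], "../".$infoboard->txtmod()."group".$iscon["_s"].$urlcat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
					  }elseif($ad){
						   refurl($iscon["lang"][157], "../".$infoboard->txtmod()."group".$iscon["_s"].$urlcat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
					  }else{
						   $infoboard->savecache($cat, $page);
						   refurl($iscon["lang"][105], "../".$infoboard->txtmod()."group".$iscon["_s"].$urlcat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
					  }
				}

		  break;
		  case "boarda":
				// NOTE(review): nothing visible here checks that question $qid exists in
				// board $cat or that it is still open for replies.
				$qid = isset($_POST["qid"]) ? $_POST["qid"] : "";
				$page = isset($_POST["page"]) ? $_POST["page"] : "";

				$fieldname="
				_qid,
				_cat,
				_detail,
				_code,
				_name,
				_ip,
				_border,
				_align,
				_level,
				_userid,
				_pic,
				_ext,
				_picformat,
				_activeimg,
				_active,
				_time
				";
				$fieldvalue="
				'".addslashes((string)$qid)."',
				'".addslashes((string)$cat)."',
				'".addslashes($detail)."',
				'".addslashes($code)."',
				'".addslashes($name)."',
				'".addslashes((string)$iscon["ip"])."',
				'".addslashes((string)$border)."',
				'".addslashes($align)."',
				'".$level."',
				'".$userid."',
				'".addslashes((string)$picname)."',
				'".addslashes((string)$ext)."',
				'".$picformat."',
				'".addslashes((string)$activeimg)."',
				'".$active."',
				'".$date."'
				";
				if($aid = $infoboard->tbinsert("_infoboarda", $fieldname, $fieldvalue)){
					 if($level == 1 && $userid > 0){
						  $infoboard->tbupdate("_user", "_post=_post+1", "_cid", $userid);
						  $infoboard->writepoint($iscon["user"]);
					 }
					 if($picname && $activeimg == 2) $infoboard->unproof("improof", $cat, $page, 2, $aid);
					 if(isset($incode) && trim($incode)) $infoboard->codewrite($aid, 2, $incode);

					 if($active == 0){
						   $infoboard->unproof("unproof", $cat, $page, 2, $aid);
						   refurl($iscon["lang"][117], "../".$infoboard->txtmod()."group".$iscon["_s"].$urlcat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
					 }elseif($ad){
						   refurl($iscon["lang"][157], "../".$infoboard->txtmod()."group".$iscon["_s"].$urlcat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
					 }else{
						   // Visible reply: update the parent question's reply counter,
						   // last-poster fields and, when a picture was uploaded, its cover.
						   if($piccover) $spic="_piccover='".addslashes((string)$piccover)."', _coverformat='".$picformat."',"; else $spic="";
						   $fieldupdate="
						   _reply=_reply+1,
						   _ansname='".addslashes($name)."',
						   _anslevel='".$level."',
						   _ansuid='".$userid."',
						   _save='1',
						   $spic
						   _update='".$date."'
						   ";
						   // The key value is escaped here as well; that only helps if
						   // tbupdate() quotes it -- verify in the helper.
						   if($infoboard->tbupdate("_infoboardq", $fieldupdate, "_cid", addslashes((string)$qid))){
								 $infoboard->savecache($cat, $page);
								 $rid = $infoboard->ridpage($cat, $page);
								 refurl($iscon["lang"][105], "../".$infoboard->txtmod()."topic".$iscon["_s"].$urlcat.$iscon["_s"].rawurlencode((string)$page).$iscon["_s"].$rid.$infoboard->extmod());
						   }
					 } //active
				} //aid
		  break;
		  case "boardi":
				$qid = isset($_POST["qid"]) ? $_POST["qid"] : "";
				$aid = isset($_POST["aid"]) ? $_POST["aid"] : "";
				$page = isset($_POST["page"]) ? $_POST["page"] : "";
				$req = isset($_POST["req"]) ? $_POST["req"] : "";
				$pnext = isset($_POST["pnext"]) ? $_POST["pnext"] : "";

				// _target is 1 when req is "3", otherwise 2.
				if($req == "3"){
					 $qtarget = 1;
				}else{
					 $qtarget = 2;
				}

				$fieldname="
				_target,
				_qid,
				_aid,
				_cat,
				_detail,
				_code,
				_name,
				_ip,
				_level,
				_userid,
				_pic,
				_ext,
				_picformat,
				_activeimg,
				_active,
				_time
				";
				$fieldvalue="
				'".$qtarget."',
				'".addslashes((string)$qid)."',
				'".addslashes((string)$aid)."',
				'".addslashes((string)$cat)."',
				'".addslashes($detail)."',
				'".addslashes($code)."',
				'".addslashes($name)."',
				'".addslashes((string)$iscon["ip"])."',
				'".$level."',
				'".$userid."',
				'".addslashes((string)$picname)."',
				'".addslashes((string)$ext)."',
				'".$picformat."',
				'".addslashes((string)$activeimg)."',
				'".$active."',
				'".$date."'
				";
				if($xid = $infoboard->tbinsert("_infoboardi", $fieldname, $fieldvalue)){
					 if($level == 1 && $userid > 0){
						  $infoboard->tbupdate("_user", "_post=_post+1", "_cid", $userid);
						  $infoboard->writepoint($iscon["user"]);
					 }
					 if($picname && $activeimg == 2) $infoboard->unproof("improof", $cat, $page, 3, $xid);
					 if(isset($incode) && trim($incode)) $infoboard->codewrite($xid, 3, $incode);

					 if($active == 0){
						   $infoboard->unproof("unproof", $cat, $page, 3, $xid);
						   refurl($iscon["lang"][117], "../".$infoboard->txtmod()."group".$iscon["_s"].$urlcat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
					 }elseif($ad){
						   refurl($iscon["lang"][157], "../".$infoboard->txtmod()."group".$iscon["_s"].$urlcat.$iscon["_s"]."0".$iscon["_s"]."1".$infoboard->extmod());
					 }else{
						   if($piccover) $spic="_piccover='".addslashes((string)$piccover)."', _coverformat='".$picformat."',"; else $spic="";
						   $fieldupdate="
						   _insert=_insert+1,
						   _ansname='".addslashes($name)."',
						   _anslevel='".$level."',
						   _ansuid='".$userid."',
						   _save='2',
						   $spic
						   _uppage='".addslashes((string)$pnext)."',
						   _update='".$date."'
						   ";
						   // Escaped key value; effective only if tbupdate() quotes it.
						   if($infoboard->tbupdate("_infoboardq", $fieldupdate, "_cid", addslashes((string)$qid))){
								 $infoboard->savecache($cat, $page);
								 refurl($iscon["lang"][105], "../".$infoboard->txtmod()."topic".$iscon["_s"].$urlcat.$iscon["_s"].rawurlencode((string)$page).$iscon["_s"].rawurlencode((string)$pnext).$infoboard->extmod());
						   }
					 } //active
				} //xid
		  break;
		  default:
				// Unknown action: nothing is stored.
		  break;
		  }

// Reached when no branch above redirected: close the connection and go back to
// the parent directory.
$infoboard->isclose();

refurl("", "../");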

?>